CVE-2016-3371
描述
内核API无法正确实施权限, 允许本地用户通过精心设计的应用程序特权提升
影响版本
| Product | Version | Update | Edition | Tested |
|---|---|---|---|---|
| Windows 10 | - | |||
| Windows 10 | 1511 | |||
| Windows 10 | 1607 | |||
| Windows 7 | SP1 | |||
| Windows 8.1 | :heavy_check_mark: | |||
| Windows Rt 8.1 | ||||
| Windows Server 2008 | SP2 | |||
| Windows Server 2008 | R2 | SP1 | ||
| Windows Server 2012 | - | |||
| Windows Server 2012 | R2 | |||
| Windows Vista | SP2 |
修复补丁
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3371利用方式
测试系统Windows 8.1 x64
项目来源
https://github.com/Ascotbe/Kernelhub/tree/master/CVE-2016-3371